[WG-UMA] OAuth 2.0 and the Road to Hell

Thomas Hardjono identity at hardjono.net
Sun Jul 29 20:55:58 EDT 2012


+1 agree with John here. Oauth2.0 is here to stay. (It may evolve
further in the future).

cheers,

/thomas/

-----------------------------


From: wg-uma-bounces at kantarainitiative.org
[mailto:wg-uma-bounces at kantarainitiative.org] On Behalf Of John
Bradley
Sent: Saturday, July 28, 2012 2:51 PM
To: Salvatore D'Agostino
Cc: 'UMA WG WG'
Subject: Re: [WG-UMA] OAuth 2.0 and the Road to Hell

I put up a blog post this morning.
  http://www.thread-safe.com/2012/07/the-oauth-2-sky-is-not-falling.ht
ml

John B.
On 2012-07-28, at 11:43 AM, Salvatore D'Agostino wrote:


John,
 
Glad to hear the good with the bad.
 
Thanks,
Sal
 
From: John Bradley [mailto:ve7jtb at ve7jtb.com] 
Sent: Saturday, July 28, 2012 1:00 PM
To: Salvatore D'Agostino
Cc: 'Eve Maler'; 'Alam'; 'UMA WG WG'
Subject: Re: [WG-UMA] OAuth 2.0 and the Road to Hell
 
Get a grip people.  The sky is not falling.   Life is good.
 
The OAuth workgroup has been making excellent progress closing the
open issues.
 
We are now finishing the instructions for the RFC editor.  The spec
has been completed in the last several months since the chairs removed
the editor's ability to block progress.
 
I don't hink it would have been in UMA's interest to support only
confidential clients with only MAC tokens.   It is true that protocols
using OAuth 2 need to define there security models and profile the
spec as UMA has.   This is normal,  nothing has changed except that
OAuth is making progress again.
 
John B.
 
On 2012-07-28, at 9:45 AM, Salvatore D'Agostino wrote:



Hi Eve,
 
Been lurking and seen this all come to pass as well.
 
Assume that the bad part is that Eran is right and that OAuth 2 is
less likely the building block we looked to build on?
 
Regards,
 
Sal
 
From: wg-uma-bounces at kantarainitiative.org [mailto:wg-uma-bounces at kant
arainitiative.org] On Behalf Of Eve Maler
Sent: Friday, July 27, 2012 8:26 PM
To: Alam
Cc: UMA WG WG
Subject: Re: [WG-UMA] OAuth 2.0 and the Road to Hell
 
Sigh. This is an extraordinarily unhelpful blog post. Dick Hardt's
comment late in the thread captures some of the frustration around
Eran's position and actions...
 
            Eve
 
On 27 Jul 2012, at 8:44 AM, Alam <alamjan at gmail.com> wrote:




Hi All,

"They say the road to hell is paved with good intentions. Well,
that’s OAuth 2.0. "  Eran Hammer
for more ...

http://hueniverse.com/2012/07/oauth-2-0-and-the-road-to-hell/

Cheers,
Alam
_______________________________________________
WG-UMA mailing list
WG-UMA at kantarainitiative.org
http://kantarainitiative.org/mailman/listinfo/wg-uma
 

Eve Maler                                  http://www.xmlgrrl.com/blog
+1 425 345 6756                         http://www.twitter.com/xmlgrrl




 
_______________________________________________
WG-UMA mailing list
WG-UMA at kantarainitiative.org
http://kantarainitiative.org/mailman/listinfo/wg-uma




More information about the WG-UMA mailing list